SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. malware.scounter


This malware is crafted to act as a part of a valid counter script for the untrained eye, using a decieving comment: <!--scounter--> and javascript obfuscation as an obstacle to its understanding.
From all payloads found related to malware.scounter the most common are conditional redirect and iframe injection.

<!--scounter--><script language="JavaScript">eval(function(p,a,​c,k,e,r){e=function(c){return(c<a?&#39;&#39;:e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!&#39;&#39;.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return&#39;\w+&#39;};c=1};

This obfuscator is used by quite a few legitimate scripts but when we see something new we choose to report it to webmasters. If you think that it's a mistake, please contact us.

Affecting: Any web site (no specific target).